Filter
-Infinity
0
Trending
Versions
10.0.0
33
0.65
11
0.70
10
0.80
9
9.5.0
9
0.68
7
0.78
7
0.83
7
0.68.1
6
0.78.1
6
0.78.2
6
0.78.3
6
0.78.4
6
0.78.5
6
0.80.1
6
0.42
5
0.5
5
0.5-rc1
5
0.5-rc2
5
0.51
5
0.51a
5
0.6
5
0.6-rc1
5
0.6-rc2
5
0.6-rc3
5
0.65-rc1
5
0.65-rc2
5
0.68-rc1
5
0.68-rc2
5
0.68-rc3
5
0.68.2
5
0.68.3
5
0.70-rc1
5
0.70-rc2
5
0.70-rc3
5
0.70.1
5
0.70.2
5
0.71
5
0.71.1
5
0.71.1-rc1
5
0.71.1-rc2
5
0.71.1-rc3
5
0.71.2
5
0.71.3
5
0.71.4
5
0.71.5
5
0.71.6
5
0.72
5
0.72-rc1
5
0.72-rc2
5
GLPIGLPI allows unauthenticated SQL injection through the inventory endpoint
7.5
First published (updated )
GLPIGLPI allows SQL injection through the rules configuration
8.2
First published (updated )
Pre-authentication SQL injection to RCE in GLPI (CVE-2025-24799/CVE-2025-24801)
First published (updated )
Social
redditGLPIGLPI allows unauthorized access to debug mode
6.5
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GLPIGLPI vulnerable to unauthorized authentication by email using the OAuthIMAP plugin
7.5
First published (updated )
GLPIGLPI vulnerable to exposure of sensitive information in the `status.php` endpoint
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GLPIGLPI vulnerable to unauthenticated session hijacking
9.3
First published (updated )
GLPIGLPI vulnerable to authenticated insecure account deletion
8.1
First published (updated )
GLPIGLPI vulnerable to account takeover via the password reset feature
7.5
First published (updated )
GLPIGLPI vulnerable to account takeover without privilege escalation through the API
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GLPIGLPI vulnerable to enumeration of users' email addresses by unauthenticated user
7.5
First published (updated )
GLPIGLPI has a Reflected XSS in /front/stat.graph.php
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GLPIGLPI allows account takeover via SQL Injection in AJAX scripts
8.8
First published (updated )
GLPIGLPI allows remote code execution through the plugin loader
8.8
First published (updated )
GLPIGLPI allows account takeover via SQL Injection in AJAX scripts
8.1
First published (updated )
GLPIGLPI allows Authenticated File Upload to Restricted Tickets
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.